DoppelPaymer Gang Reportedly Attacked Kia Motors America with Ransomware

Kia Motors America was hit by a ransomware attack, and the criminals asked for a $20 million ransom to provide a decryptor, BleepingComputer reported. The initial reports referred to an IT outage across the US for Kia Motors America.

Later, someone tried to pick up a car from a dealership only to be turned back because ransomware reportedly locked the systems. The company acknowledged it has some problems but didn’t confirm it was attacked.

“KMA is aware of IT outages involving internal, dealer and customer-facing systems, including UVO,” the company said to BleepingComputer. “We apologize for any inconvenience to our customers and are working to resolve the issue and restore normal business operations as quickly as possible.”

In the meantime, a ransom note appeared online, seemingly from the DoppelPaymer gang. DoppelPaymer, however, mentions Hyundai as the target, although that’s the parent company of Kia.

Criminals say that they also stole a lot of data from the company and threatened to release it in the next few weeks if the $20 million ransom isn’t paid. Moreover, if the 404 bitcoins they requested are not paid on time, the ransom increases to 600 bitcoins, now roughly $30 million.

The BleepingComputer report also says Hyundai Motors suffers from similar outages, but the major difference is that Hyundai denies that criminals hit it with a ransomware attack.

“At this time, we can confirm that we have no evidence of Hyundai Motor America’s involvement in a ‘ransomware’ attack,” said the company.